Description
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Remediation
References
Related Vulnerabilities
Drupal Core 8.x.x Cross-Site Scripting (8.0.0 - 8.4.8)
Oracle Database Server CVE-2008-2605 Vulnerability (CVE-2008-2605)
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)
WordPress Plugin WooCommerce Cross-Site Request Forgery (2.2.2)
OpenSSL Missing Encryption of Sensitive Data Vulnerability (CVE-2019-1547)